Performance Comparison of Machine Learning Classifiers for DDOS Detection and Mitigation on Software Defined Networks

Software Defined Networks (SDN) is an emerging network with better network management through the separation of Control logic and data forwarding elements. Several emerging networks, including the Internet of Things, Wireless Body Area Networks, and Blockchain, are incorporating SDN technology to improve resource management, thereby speeding up network innovation. The increasing number of internet-connected devices and the growing number of online applications pose various security concerns. SDN suffered various security threats due to centralized network architecture and limited memory space in the switch Flowtable. Distributed Denial of Service (DDOS) attacks is among the severe security threats that flood the precious switch Flowtable with massive flows to hijack the network. Several machine-learning DDOS attack detection has been proposed to mitigate such threats. However, the choice of effective machine learning algorithms with high accuracy and short prediction and learning time is paramount. This study analyses the performance of eight machine-learning algorithms for DDOS detection and mitigation in SDN. On average, Decision Tree (DT) and Random Forest have the highest accuracy with 99.86%, respectively. Naive Bayes has a minimal prediction time of 144.511 seconds, while DT has the shortest learning time of 22229 seconds.